What is claimed is: 



1. Private network apparatus for connecting a user 
to an external internet comprising: 

a plurality of security service pathways each 
providing a respective combination of security service 
features; v 

a service selection dashboard allowing said user to 
select from a plurality of security service features for 
user traffic to and from said user; 

a network management server coupled to said service 
selection dashboard for storing a subscriber 
configuration in response to said user selected security 
service features; 

a pass-through router for coupling to said external 
internet; 

a service selection gateway coupled to said user for 
directing said user traffic to and from one of said 
service selection dashboard, said pass-through router, or 
one of said security service pathways; and 

a security service router for coupling said 
plurality of security service pathways to said external 
internet ; 

wherein said service selection gateway directs said 
user traffic to said service selection dashboard if said 
subscriber configuration is in an initialized state; 

wherein said service selection gateway directs said 
user traffic to a respective one of said security service 
pathways or to said pass -through router in response to 
said subscriber configuration after initialization by 
said service selection dashboard. 

2 . The apparatus of claim 1 wherein said security 
service pathways include at least one pathway having a 
firewall . 
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3 . The apparatus of claim 1 
service pathways include at least 
virus scanner. 



wherein said security 
one pathway having a 



4 . The apparatus of claim 1 wherein said security 
service pathways include at least one pathway having a 
content filter. 

5 . The apparatus of claim 1 wherein said security 
service pathways include at least one pathway having a 
firewall and a content filter. 

6 . The apparatus of claim 1 wherein said security 
service pathways include at least one pathway having a 
firewall and a virus scanner. 

7 . The apparatus of claim 1 wherein said security 
service pathways include at least one pathway having a 
content filter and a virus scanner. 

8 . The apparatus of claim 1 wherein said security 
service pathways include at least one pathway having a 
firewall, a content filter, and a virus scanner. 

9 . The apparatus of claim 1 wherein said security 
service pathways include at least two pathways having 
firewalls, said firewalls respectively providing 
different grades of firewall protection. 

10. The apparatus of claim 9 comprising three 
security service pathways each including a respective 
firewall, said firewalls including a first firewall 
providing a high grade firewall protection, a second 
firewall providing a medium grade firewall protection, 
and a third firewall providing a low grade firewall 
protection . 
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11. The apparatus of claim 10 wherein said low 
grade firewall protection comprises port blocking for 
outgoing traffic. 

12. The apparatus of claim 10 wherein said medium 
grade firewall protection comprises port blocking for 
incoming and outgoing traffic. 

13. The apparatus of claim 10 wherein said high 
grade firewall protection comprises port blocking for 
outgoing traffic and blocking of all incoming traffic not 
initiated by said user. 

14. A method of providing security service in a 
network interface to an external internet, said method 
comprising the steps of: 

directing a user to a captive portal; 

presenting security service features to said user; 

storing a subscription profile for said user in 
response to security service features selected by said 
user through said captive portal; 

receiving user traffic from said user destined for 
said external internet at a service selection gateway; 

determining from said subscription profile which 
security service features to apply to said user traffic; 

if said subscription profile for said user includes 
any security service features, then re-directing said 
user traffic to a security service pathway corresponding 
to said security service features identified by said user 
profile; and 

if said subscription profile for said user includes 
no security service features, then re-directing said user 
traffic to a pass-through router to said external 
internet . 

15. The method of claim 14 wherein said security 
service features include firewall services, content 
filtering services, and virus scanning services, and 
wherein each of said security service pathways 
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corresponds to a combination of said security service 
features . 

16 . The method of claim 15 wherein said firewall 
services comprise selectable grades of firewall 
protection including a high grade firewall protection, a 
medium grade firewall protection, and a low grade 
firewall protection. 

17. The method of claim 16 wherein said low grade 
firewall protection comprises port blocking for outgoing 
user traffic. 

18. The method of claim 16 wherein said medium 
grade firewall protection comprises port blocking for 
incoming and outgoing user traffic. 

19 . The method of claim 16 wherein said high grade 
firewall protection comprises port blocking for outgoing 
user traffic and blocking of all incoming traffic not 
initiated by said user. 



